[svn-upgrade] new version strongswan (4.4.1)

4 files changed, 23 insertions, 31 deletions

diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in
index 5d487364f..a5bc5eb39 100644
--- a/src/libstrongswan/plugins/pgp/Makefile.in
+++ b/src/libstrongswan/plugins/pgp/Makefile.in
@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.1 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c
index cd04f3d1a..5b21b46d4 100644
--- a/src/libstrongswan/plugins/pgp/pgp_cert.c
+++ b/src/libstrongswan/plugins/pgp/pgp_cert.c
@@ -188,28 +188,18 @@ static bool get_validity(private_pgp_cert_t *this, time_t *when,
 }
 
 /**
- * Implementation of certificate_t.is_newer.
- */
-static bool is_newer(certificate_t *this, certificate_t *that)
-{
-	time_t this_update, that_update, now = time(NULL);
-	bool new;
-
-	this->get_validity(this, &now, &this_update, NULL);
-	that->get_validity(that, &now, &that_update, NULL);
-	new = this_update > that_update;
-	DBG1(DBG_LIB, "  certificate from %T is %s - existing certificate"
-		 " from %T %s", &this_update, FALSE, new ? "newer" : "not newer",
-		 &that_update, FALSE, new ? "replaced" : "retained");
-	return new;
-}
-
-/**
  * Implementation of certificate_t.get_encoding.
  */
-static chunk_t get_encoding(private_pgp_cert_t *this)
+static bool get_encoding(private_pgp_cert_t *this, cred_encoding_type_t type,
+						 chunk_t *encoding)
 {
-	return chunk_clone(this->encoding);
+	if (type == CERT_PGP_PKT)
+	{
+		*encoding = chunk_clone(this->encoding);
+		return TRUE;
+	}
+	return lib->encoding->encode(lib->encoding, type, NULL, encoding,
+						CRED_PART_PGP_CERT, this->encoding, CRED_PART_END);
 }
 
 /**
@@ -232,7 +222,10 @@ static bool equals(private_pgp_cert_t *this, certificate_t *other)
 	{	/* skip allocation if we have the same implementation */
 		return chunk_equals(this->encoding, ((private_pgp_cert_t*)other)->encoding);
 	}
-	encoding = other->get_encoding(other);
+	if (!other->get_encoding(other, CERT_PGP_PKT, &encoding))
+	{
+		return FALSE;
+	}
 	equal = chunk_equals(this->encoding, encoding);
 	free(encoding.ptr);
 	return equal;
@@ -276,8 +269,7 @@ private_pgp_cert_t *create_empty()
 	this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
 	this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
 	this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
-	this->public.interface.interface.is_newer = (bool (*) (certificate_t*,certificate_t*))is_newer;
-	this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding;
+	this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
 	this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
 	this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
 	this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
@@ -365,7 +357,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet)
 	else
 	{
 		/* V3 fingerprint is computed by public_key_t class */
-		if (!this->key->get_fingerprint(this->key, KEY_ID_PGPV3,
+		if (!this->key->get_fingerprint(this->key, KEYID_PGPV3,
 										&this->fingerprint))
 		{
 			return FALSE;
diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.c b/src/libstrongswan/plugins/pgp/pgp_encoder.c
index d5c3df590..9043cdb9f 100644
--- a/src/libstrongswan/plugins/pgp/pgp_encoder.c
+++ b/src/libstrongswan/plugins/pgp/pgp_encoder.c
@@ -25,8 +25,8 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args)
 	hasher_t *hasher;
 	chunk_t n, e;
 
-	if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
-						  KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END))
+	if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
+						   CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
 	{
 		hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
 		if (!hasher)
@@ -55,12 +55,12 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args)
 /**
  * See header.
  */
-bool pgp_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
-						  va_list args)
+bool pgp_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
+						va_list args)
 {
 	switch (type)
 	{
-		case KEY_ID_PGPV3:
+		case KEYID_PGPV3:
 			return build_v3_fingerprint(encoding, args);
 		default:
 			return FALSE;
diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.h b/src/libstrongswan/plugins/pgp/pgp_encoder.h
index 9df143399..b5bc2af44 100644
--- a/src/libstrongswan/plugins/pgp/pgp_encoder.h
+++ b/src/libstrongswan/plugins/pgp/pgp_encoder.h
@@ -21,12 +21,12 @@
 #ifndef PGP_ENCODER_H_
 #define PGP_ENCODER_H_
 
-#include <credentials/keys/key_encoding.h>
+#include <credentials/cred_encoding.h>
 
 /**
  * Encoding function for PGP fingerprints.
  */
-bool pgp_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
+bool pgp_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
 						va_list args);
 
 #endif /** PGP_ENCODER_H_ @}*/